Published on November 13th, 2017 📆 | 5955 Views ⚑
0CredSniper – Phishing Framework which supports SSL and capture credentials with 2FA tokens
Benefits
- Fully supported SSL via Let's Encrypt
- Exact login form clones for realistic phishing
- Any number of intermediate pages
- (i.e. Gmail login, password and two-factor pages then a redirect)
- Supports phishing 2FA tokens
- API for integrating credentials into other applications
- Easy to personalize using a templating framework
Basic Usage
usage: credsniper.py [-h] --module MODULE [--twofactor] [--port PORT] [--ssl] [--verbose] --final FINAL --hostname HOSTNAME
optional arguments:
-h, --help show this help message and exit
--module MODULE phishing module name - for example, "gmail"
--twofactor enable two-factor phishing
--port PORT listening port (default: 80/443)
--ssl use SSL via Let's Encrypt
--verbose enable verbose output
--final FINAL final url the user is redirected to after phishing is done
--hostname HOSTNAME hostname for SSL
Credentials
.cache : Temporarily store username/password when phishing 2FA
.sniped : Flat-file storage for captured credentials and other information
API End-point
- View Credentials (GET)
https://<phish site>/creds/view?api_token=<api token>
- Mark Credential as Seen (GET)
https://<phish site>/creds/seen/<cred_id>?api_token=<api token>
- Update Configuration (POST)
https://<phish site>/config
{
'enable_2fa': true,
'module': 'gmail',
'api_token': 'some-random-string'
}
Modules
All modules can be loaded by passing the --module <name>
command to CredSniper. These are loaded from a directory inside /modules
. CredSniper is built using Python Flask and all the module HTML templates are rendered using Jinja2.
- Gmail: The latest Gmail login cloned and customized to trigger/phish all forms of 2FA
- modules/gmail/gmail.py: Main module loaded w/ --module gmail
- modules/gmail/templates/error.html: Error page for 404's
- modules/gmail/templates/login.html: Gmail Login Page
- modules/gmail/templates/password.html: Gmail Password Page
- modules/gmail/templates/authenticator.html: Google Authenticator 2FA page
- modules/gmail/templates/sms.html: SMS 2FA page
- modules/gmail/templates/touchscreen.html: Phone Prompt 2FA page
[adsense size='1' ]
Installation
Ubuntu 16.04
You can install and run automatically with the following command:
$ git clone https://github.com/ustayready/CredSniper
$ cd CredSniper
~/CredSniper$ ./install.sh
Then, to run manually use the following commands:
~/$ cd CredSniper
~/CredSniper$ source bin/activate
(CredSniper) ~/CredSniper$ python credsniper.py --help
Note that Python 3 is required.
Screenshots
Gmail Module
Gloss